DESIGN AND EXPLORATION OF NEW MODELS FOR SECURITY AND PRIVACY-SENSITIVE COLLABORATION SYSTEMS

Collaboration has been an area of interest in many domains including education, research, healthcare supply chain, Internet of things, and music etc. It enhances problem solving through expertise sharing, ideas sharing, learning and resource sharing, and improved decision making. To address the limitations in the existing literature, this dissertation presents a design science artifact and a conceptual model for collaborative environment. The first artifact is a blockchain based collaborative information exchange system that utilizes blockchain technology and semi-automated ontology mappings to enable secure and interoperable health information exchange among different health care institutions. The conceptual model proposed in this dissertation explores the factors that influences professionals continued use of video- conferencing applications. The conceptual model investigates the role the perceived risks and benefits play in influencing professionals’ attitude towards VC apps and consequently its active and automatic use

Context-Aware and Secure Workflow Systems

Businesses do evolve. Their evolution necessitates the re-engineering of their existing "business processes”, with the objectives of reducing costs, delivering services on time, and enhancing their profitability in a competitive market. This is generally true and particularly in domains such as manufacturing, pharmaceuticals and education). The central objective of workflow technologies is to separate business policies (which normally are encoded in business logics) from the underlying business applications. Such a separation is desirable as it improves the evolution of business processes and, more often than not, facilitates the re-engineering at the organisation level without the need to detail knowledge or analyses of the application themselves. Workflow systems are currently used by many organisations with a wide range of interests and specialisations in many domains. These include, but not limited to, office automation, finance and banking sector, health-care, art, telecommunications, manufacturing and education. We take the view that a workflow is a set of "activities”, each performs a piece of functionality within a given "context” and may be constrained by some security requirements. These activities are coordinated to collectively achieve a required business objective. The specification of such coordination is presented as a set of "execution constraints” which include parallelisation (concurrency/distribution), serialisation, restriction, alternation, compensation and so on. Activities within workflows could be carried out by humans, various software based application programs, or processing entities according to the organisational rules, such as meeting deadlines or performance improvement. Workflow execution can involve a large number of different participants, services and devices which may cross the boundaries of various organisations and accessing variety of data. This raises the importance of _ context variations and context-awareness and _ security (e.g. access control and privacy). The specification of precise rules, which prevent unauthorised participants from executing sensitive tasks and also to prevent tasks from accessing unauthorised services or (commercially) sensitive information, are crucially important. For example, medical scenarios will require that: _ only authorised doctors are permitted to perform certain tasks, _ a patient medical records are not allowed to be accessed by anyone without the patient consent and _ that only specific machines are used to perform given tasks at a given time. If a workflow execution cannot guarantee these requirements, then the flow will be rejected. Furthermore, features/characteristics of security requirement are both temporal- and/or event-related. However, most of the existing models are of a static nature – for example, it is hard, if not impossible, to express security requirements which are: _ time-dependent (e.g. A customer is allowed to be overdrawn by 100 pounds only up-to the first week of every month. _ event-dependent (e.g. A bank account can only be manipulated by its owner unless there is a change in the law or after six months of his/her death). Currently, there is no commonly accepted model for secure and context-aware workflows or even a common agreement on which features a workflow security model should support. We have developed a novel approach to design, analyse and validate workflows. The approach has the following components: = A modelling/design language (known as CS-Flow). The language has the following features: – support concurrency; – context and context awareness are first-class citizens; – supports mobility as activities can move from one context to another; – has the ability to express timing constrains: delay, deadlines, priority and schedulability; – allows the expressibility of security policies (e.g. access control and privacy) without the need for extra linguistic complexities; and – enjoy sound formal semantics that allows us to animate designs and compare various designs. = An approach known as communication-closed layer is developed, that allows us to serialise a highly distributed workflow to produce a semantically equivalent quasi-sequential flow which is easier to understand and analyse. Such re-structuring, gives us a mechanism to design fault-tolerant workflows as layers are atomic activities and various existing forward and backward error recovery techniques can be deployed. = Provide a reduction semantics to CS-Flow that allows us to build a tool support to animate a specifications and designs. This has been evaluated on a Health care scenario, namely the Context Aware Ward (CAW) system. Health care provides huge amounts of business workflows, which will benefit from workflow adaptation and support through pervasive computing systems. The evaluation takes two complementary strands: – provide CS-Flow’s models and specifications and – formal verification of time-critical component of a workflow

Semantic discovery and reuse of business process patterns

Patterns currently play an important role in modern information systems (IS) development and their use has mainly been restricted to the design and implementation phases of the development lifecycle. Given the increasing significance of business modelling in IS development, patterns have the potential of providing a viable solution for promoting reusability of recurrent generalized models in the very early stages of development. As a statement of research-in-progress this paper focuses on business process patterns and proposes an initial methodological framework for the discovery and reuse of business process patterns within the IS development lifecycle. The framework borrows ideas from the domain engineering literature and proposes the use of semantics to drive both the discovery of patterns as well as their reuse

Contributions for the exploitation of Semantic Technologies in Industry 4.0

120 p.En este trabajo de investigación se promueve la utilización de las tecnologías semánticas, en el entorno de la Industria 4.0, a través de tres contribuciones enfocadas en temas correspondientes a la fabricación inteligente: las descripciones enriquecidas de componentes, la visualización y el análisis de los datos, y la implementación de la Industria 4.0 en PyMEs.La primera contribución es una ontología llamada ExtruOnt, la cual contiene descripciones semánticas de un tipo de máquina de fabricación (la extrusora). En esta ontología se describen los componentes, sus conexiones espaciales, sus características, sus representaciones en tres dimensiones y, finalmente, los sensores utilizados para capturar los datos. La segunda contribución corresponde a un sistema de consulta visual en el cual se utiliza la ontología ExtruOnt y una representación en 2D de la extrusora para facilitar a los expertos de dominio la visualización y la extracción de conocimiento sobre el proceso de fabricación de una manera rápida y sencilla. La tercera contribución consiste en una metodología para la implementación de la Industria 4.0 en PyMEs, orientada al ciclo de vida del cliente y potenciada por el uso de tecnologías Semánticas y tecnologías de renderizado 3D.Las contribuciones han sido desarrolladas, aplicadas y validadas bajo un escenario de fabricación real

Analyzing the m-business landscape

The m-business landscape never stops to change and the impacts on the mobile market are constant as players reposition themselves on the market according to the new opportunities and threats brought by rapid technological developments. This paper provides a conceptual tool to better understand this player arena and its objective is threefold. The first one is to analyze the role of the key actors using ontology for defining and assessing their business models. The second objective is to analyze and visualize the interaction of actors with each other from a value system perspective. The final objective is to evaluate and represent the dependencies of the actors, their strategies and their convergence or divergence on different issues by using an approach borrowed from policy makin

Explaining Adoption of Pervasive Retail Systems with a Model based on UTAUT2 and the Extended Privacy Calculus

The advent of e-commerce puts traditional retail companies under a lot of pressure. A way retailers try to attract more customers to their physical stores is by offering online services on the retail sales floor. Such services are enabled through pervasive retail systems. These systems, however, do not only offer new opportunities but also bear risks for retailers because they heavily depend on privacy-related data, which customers could perceive as a potential privacy threat. In the present paper, we thus investigate the antecedents of customers’ usage intention towards such systems and the trade-off between the perceived benefits and the perceived privacy costs that are associated with their use. To this end, we propose a model based on the most recent version of the Unified Theory of Acceptance and Use of Technology (UTAUT2) and the Extended Privacy Calculus Theory. We validate our model considering a smart fitting room application and show that the model is able to explain 67.1% of the variance in the behavioral intention to use the system and 43.1% of the variance in a person’s willingness to disclose private information. Our results can be leveraged to design pervasive systems that are perceived as valuable instead of privacy threatening

Linked data as medium for distributed Multi-Agent Systems

The conceptual design and discussion of multi-agents systems (MAS) typically focuses on agents and their models, and the elements and effects in the environment which they perceive. This view, however, leaves out potential pitfalls in the later implementation of the system that may stem from limitations in data models, interfaces, or protocols by which agents and environments exchange information. By today, the research community agrees that for this, that the environment should be understood as well as abstraction layer by which agents access, interpret, and modify elements within the environment. This, however, blurs the the line of the environment being the sum of interactive elements and phenomena perceivable by agents, and the underlying technology by which this information and interactions are offered to agents. This thesis proposes as remedy to consider as third component of multi agent systems, besides agents and environments, the digital medium by which the environment is provided to agents. "Medium" then refers to exactly this technological component via which environment data is published interactively towards the agents, and via which agents perceive, interpret, and finally, modify the underlying environment data. Furthermore, this thesis will detail how MAS may use capabilities of a properly chosen medium to achieve coordinating system behaviors. A suitable candidate technology for digital agent media comes from the Semantic Web in form of Linked Data. In addition to conceptual discussions about the notions of digital agent media, this thesis will provide in detail a specification of a Linked Data agent medium, and detail on means to implement MAS around Linked Data media technologies.Sowohl der konzeptuelle Entwurf von, als auch die wissenschaftliche Diskussion über Multi-Agenten-Systeme (MAS) konzentrieren sich für gewöhnlich auf die Agenten selbst, die Agentenmodelle, sowie die Elemente und Effekte, die sie in ihrer Umgebung wahrnehmen. Diese Betrachtung lässt jedoch mögliche Probleme in einer späteren Implementierung aus, die von Einschränkungen in Datenmodellen, Schnittstellen, oder Protokollen herrühren können, über die Agenten und ihre Umgebung Informationen miteinander austauschen. Heutzutage ist sich die Forschungsgemeinschaft einig, dass die Umgebung als solche als Abstraktionsschicht verstanden werden sollte, über die Agenten Umgebungseffekte und -elemente wahrnehmen, interpretieren, und mit ihnen interagieren. Diese Betrachtungsweise verschleiert jedoch die Trennung zwischen der Umgebung als die Sammlung interaktiver Elemente und wahrnehmbarer Phänomene auf der einen Seite, und der zugrundeliegenden Technologie, über die diese Information den Agenten bereitgestellt wird, auf der anderen. Diese Dissertation schlägt als Lösung vor, zusätzlich zu Agenten undUmgebung ein digitales Medium, über das Agenten die Umgebung bereitgestellt wird, als drittes Element von Multi-Agenten-Systemen zu betrachten. Der Begriff "Medium" bezieht sich dann genau auf diese technologische Komponente, über die Umgebungsinformationen Agenten interaktiv bereitgestellt werden, und über die Agenten die zugrundeliegenden Daten wahrnehmen, interpretieren, und letztendlich modifizieren. Desweiteren wird diese Dissertation aufzeigen, wie die Eigenschaften eines sorgfältig gewählten Mediums ausgenutzt werden können, um ein koordiniertes Systemverhalten zu erreichen. Ein geeigneter Kandidat für ein digitales Agentenmedium findet sich im Ökosystem des „Semantic Web”, in Form von „Linked Data”, wörtlich („verknüpfte Daten”). Zusätzlich zu einer konzeptionellen Diskussion über die Natur digitaler Agenten- Media, spezifiziert diese Dissertation „Linked Data” als Agentenmedium detailliert aus, und beschreibt im Detail die Mittel, wie sich MAS um Linked Data Technologien herum implementieren lassen

Quality of (Digital) Services in e-Government

Internet growth in the nineties supported government ambition to provide better services to citizens through the development of Information and Communication Technologies based solutions. Thanks to the Lisbon conference, which in 2000 covered and investigated this topic, e-government has been recognized as one of the major priorities in Public Administration innovation process. As a matter of\ud fact in the last 10 years the number of services provided to citizens through Information and Communication Technologies has increased rapidly. Nevertheless the increasing rate, the access and usage of digital services do not follow the same trend. Nowadays Public Administrations deliver many electronic services which\ud are seldom used by citizens. Different reasons contribute to the highlighted situation.\ud The main assumption of the thesis is that quality of e-government digital services strongly affects real access to services by citizens. According to the complexity of quality in e-government, one of the main challenges was to define a suitable quality model. To reach such aim, domain-dependent characteristics on the services delivery have been investigated. The defined model refers to citizen,\ud technology and service related quality characteristics. Correspondingly a suitable way to represent, assess, and continuously improve services quality according to\ud such domain requirements has been introduced.\ud Concerning the service related quality aspects a methodology and a tool permitting to formally and automatically assess the quality of a designed service with\ud respect to the quality model has been defined. Starting from an user friendly notation, both for service and quality requirements, the proposed methodology has\ud been implemented as an user friendly tool supported by a mapping from user friendly notations to formal language. The tool allows to verify formally via model checking, if the given service satisfies one by one the quality requirements addressed by the quality model.\ud Additionally in some case an unique view on e-government service quality is quite useful. A mathematical model provides a single value for quality starting from the assessment of all the requirements defined in the quality model. It relies on the following activities: homogeneity, interaction and grouping.\ud A set of experiments has been performed in order to validate the goodness of the work. Services already implemented in a local Public Administration has\ud been considered. Literature review and domain experts knowledge were the main drivers of this work. It proofs the goodness of the quality model, the application of formal techniques in the complex field of study such as e-government and the quality aggregation via the mathematical model.\ud This thesis introduces advance research in e-government by providing the contributions that quality oriented service delivery in Public Administration promotes services used by the citizens. Further applications of the proposed approaches could be investigated in the areas of practical benchmarking and Service Level Agreement specification